Vulnerabilities (CVE)

Filtered by CWE-416
Total 2478 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3974 2 Fedoraproject, Vim 2 Fedora, Vim 2021-11-26 6.8 MEDIUM 7.8 HIGH
vim is vulnerable to Use After Free
CVE-2017-3071 6 Adobe, Apple, Google and 3 more 11 Flash Player, Mac Os X, Macos and 8 more 2021-11-26 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution.
CVE-2017-3073 6 Adobe, Apple, Google and 3 more 11 Flash Player, Mac Os X, Macos and 8 more 2021-11-26 10.0 HIGH 9.8 CRITICAL
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption. Successful exploitation could lead to arbitrary code execution.
CVE-2021-43582 1 Opendesign 1 Drawings Sdk 2021-11-26 6.8 MEDIUM 7.8 HIGH
A Use-After-Free Remote Vulnerability exists when reading a DWG file using Open Design Alliance Drawings SDK before 2022.11. The specific issue exists within the parsing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
CVE-2021-43057 1 Linux 1 Linux Kernel 2021-11-25 7.2 HIGH 7.8 HIGH
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the subjective credentials of another task.
CVE-2021-42385 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
CVE-2021-42380 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function
CVE-2021-42378 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
CVE-2021-42382 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
CVE-2021-42383 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
CVE-2021-42381 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
CVE-2021-42384 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
CVE-2021-42386 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
CVE-2021-42379 1 Busybox 1 Busybox 2021-11-25 6.5 MEDIUM 7.2 HIGH
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function
CVE-2021-3796 2 Fedoraproject, Vim 2 Fedora, Vim 2021-11-24 6.8 MEDIUM 7.3 HIGH
vim is vulnerable to Use After Free
CVE-2021-37956 2 Fedoraproject, Google 2 Fedora, Chrome 2021-11-24 6.8 MEDIUM 8.8 HIGH
Use after free in Offline use in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37957 2 Fedoraproject, Google 2 Fedora, Chrome 2021-11-24 6.8 MEDIUM 8.8 HIGH
Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37961 2 Fedoraproject, Google 2 Fedora, Chrome 2021-11-24 6.8 MEDIUM 8.8 HIGH
Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37959 2 Fedoraproject, Google 2 Fedora, Chrome 2021-11-24 6.8 MEDIUM 8.8 HIGH
Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 allowed an attacker who convinced a user to enage in a series of user gestures to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37962 2 Fedoraproject, Google 2 Fedora, Chrome 2021-11-24 6.8 MEDIUM 8.8 HIGH
Use after free in Performance Manager in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.